Global Patent Index - EP 3742694 A1

EP 3742694 A1 20201125 - COMPUTER SYSTEM FOR MALWARE ANALYSIS BASED ON DATA CLUSTERING

Title (en)

COMPUTER SYSTEM FOR MALWARE ANALYSIS BASED ON DATA CLUSTERING

Title (de)

COMPUTERSYSTEM FÜR MALWARE-ANALYSE AUF DER GRUNDLAGE VON DATEN-CLUSTERING

Title (fr)

SYSTÈME INFORMATIQUE POUR L'ANALYSE DES MALWARE BASÉE SUR LE REGROUPEMENT DE DONNÉES

Publication

EP 3742694 A1 20201125 (EN)

Application

EP 19210688 A 20150702

Priority

  • US 201462020876 P 20140703
  • US 201414473552 A 20140829
  • US 201414473920 A 20140829
  • US 201414486991 A 20140915
  • US 201414487021 A 20140915
  • EP 15175151 A 20150702

Abstract (en)

The present disclosure relates to a data analysis system that automatically generates clustered data structures, automatically analyzes those clustered data structures, and provides results of the automated analysis in an optimized way to an analyst. The automated analysis of the clustered data structures includes an automated application of various criteria or rules so as to generate a compact, human-readable analysis of the data clusters. The human-readable analyses of the data clusters are organized into an interactive user interface so as to enable an analyst to quickly navigate among information associated with various data clusters and efficiently evaluate those data clusters in the context of, for example, a fraud investigation. The present invention also relates to automated scoring of the clustered data structures.

IPC 8 full level

H04L 29/06 (2006.01); G06F 21/56 (2013.01); G06Q 30/00 (2012.01); G06Q 50/26 (2012.01)

CPC (source: EP)

H04L 63/1408 (2013.01); G06F 21/567 (2013.01); G06Q 30/0185 (2013.01); G06Q 50/265 (2013.01)

Citation (applicant)

  • US 201314139628 A 20131223
  • US 201314139603 A 20131223
  • US 201414473860 A 20140829

Citation (search report)

  • [I] SHI LIANG ET AL: "A Scalable Implementation of Malware Detection Based on Network Connection Behaviors", 2013 INTERNATIONAL CONFERENCE ON CYBER-ENABLED DISTRIBUTED COMPUTING AND KNOWLEDGE DISCOVERY, IEEE, 10 October 2013 (2013-10-10), pages 59 - 66, XP032534147, DOI: 10.1109/CYBERC.2013.19
  • [A] RICHARD A NOLAN ET AL: "MCARTA: A Malicious Code Automated Run-Time Analysis framework", HOMELAND SECURITY (HST), 2012 IEEE CONFERENCE ON TECHNOLOGIES FOR, IEEE, 13 November 2012 (2012-11-13), pages 13 - 17, XP032330331, ISBN: 978-1-4673-2708-4, DOI: 10.1109/THS.2012.6459819
  • [A] ROBERTO PERDISCI ET AL: "Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces", USENIX, 18 March 2010 (2010-03-18), pages 1 - 14, XP061010768

Designated contracting state (EPC)

AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DOCDB simple family (publication)

EP 2963577 A1 20160106; EP 2963577 B1 20191127; EP 2963577 B8 20200101; EP 3731166 A1 20201028; EP 3742694 A1 20201125

DOCDB simple family (application)

EP 15175151 A 20150702; EP 19210661 A 20150702; EP 19210688 A 20150702